leon.hoppe/HopFrame
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Added group administration

Browse Source
This commit is contained in:
Leon Hoppe
2024-08-03 13:59:48 +02:00
parent 4ba55686a5
commit 4ec531f026
12 changed files with 483 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.idea/.idea.HopFrame/.idea/dataSources.xml generated
View File

@@ -5,7 +5,7 @@
<driver-ref>sqlite.xerial</driver-ref> <driver-ref>sqlite.xerial</driver-ref>
<synchronize>true</synchronize> <synchronize>true</synchronize>
<jdbc-driver>org.sqlite.JDBC</jdbc-driver> <jdbc-driver>org.sqlite.JDBC</jdbc-driver>
<jdbc-url>jdbc:sqlite:$PROJECT_DIR$/DatabaseTest/bin/Debug/net8.0/test.db</jdbc-url> <jdbc-url>jdbc:sqlite:$PROJECT_DIR$/RestApiTest/bin/Debug/net8.0/test.db</jdbc-url>
<jdbc-additional-properties> <jdbc-additional-properties>
<property name="com.intellij.clouds.kubernetes.db.enabled" value="false" /> <property name="com.intellij.clouds.kubernetes.db.enabled" value="false" />
</jdbc-additional-properties> </jdbc-additional-properties>

2
HopFrame.Database/Models/PermissionGroup.cs
View File

@@ -1,6 +1,6 @@
namespace HopFrame.Database.Models; namespace HopFrame.Database.Models;
public sealed class PermissionGroup : IPermissionOwner { public class PermissionGroup : IPermissionOwner {
public string Name { get; init; } public string Name { get; init; }
public bool IsDefaultGroup { get; set; } public bool IsDefaultGroup { get; set; }
public string Description { get; set; } public string Description { get; set; }

4
HopFrame.Security/Services/IPermissionService.cs
View File

@@ -10,11 +10,13 @@ public interface IPermissionService {
Task<PermissionGroup> GetPermissionGroup(string name); Task<PermissionGroup> GetPermissionGroup(string name);
Task EditPermissionGroup(PermissionGroup group);
Task<IList<PermissionGroup>> GetUserPermissionGroups(User user); Task<IList<PermissionGroup>> GetUserPermissionGroups(User user);
Task RemoveGroupFromUser(User user, PermissionGroup group); Task RemoveGroupFromUser(User user, PermissionGroup group);
Task CreatePermissionGroup(string name, bool isDefault = false, string description = null); Task<PermissionGroup> CreatePermissionGroup(string name, bool isDefault = false, string description = null);
Task DeletePermissionGroup(PermissionGroup group); Task DeletePermissionGroup(PermissionGroup group);

39
HopFrame.Security/Services/Implementation/PermissionService.cs
View File

@@ -53,6 +53,19 @@ internal sealed class PermissionService<TDbContext>(TDbContext context, ITokenCo
.SingleOrDefaultAsync(); .SingleOrDefaultAsync();
} }
public async Task EditPermissionGroup(PermissionGroup group) {
var orig = await context.Groups.SingleOrDefaultAsync(g => g.Name == group.Name);
if (orig is null) return;
var entity = context.Groups.Update(orig);
entity.Entity.Default = group.IsDefaultGroup;
entity.Entity.Description = group.Description;
await context.SaveChangesAsync();
}
public async Task<IList<PermissionGroup>> GetUserPermissionGroups(User user) { public async Task<IList<PermissionGroup>> GetUserPermissionGroups(User user) {
var groups = await context.Groups.ToListAsync(); var groups = await context.Groups.ToListAsync();
var perms = await GetFullPermissions(user.Id.ToString()); var perms = await GetFullPermissions(user.Id.ToString());
@@ -74,7 +87,7 @@ internal sealed class PermissionService<TDbContext>(TDbContext context, ITokenCo
await context.SaveChangesAsync(); await context.SaveChangesAsync();
} }
public async Task CreatePermissionGroup(string name, bool isDefault = false, string description = null) { public async Task<PermissionGroup> CreatePermissionGroup(string name, bool isDefault = false, string description = null) {
var group = new GroupEntry { var group = new GroupEntry {
Name = name, Name = name,
Description = description, Description = description,
@@ -83,12 +96,36 @@ internal sealed class PermissionService<TDbContext>(TDbContext context, ITokenCo
}; };
await context.Groups.AddAsync(group); await context.Groups.AddAsync(group);
if (isDefault) {
var users = await context.Users.ToListAsync();
foreach (var user in users) {
await context.Permissions.AddAsync(new PermissionEntry {
GrantedAt = DateTime.Now,
PermissionText = group.Name,
UserId = user.Id
});
}
}
await context.SaveChangesAsync(); await context.SaveChangesAsync();
return group.ToPermissionGroup(context);
} }
public async Task DeletePermissionGroup(PermissionGroup group) { public async Task DeletePermissionGroup(PermissionGroup group) {
var entry = await context.Groups.SingleOrDefaultAsync(entry => entry.Name == group.Name); var entry = await context.Groups.SingleOrDefaultAsync(entry => entry.Name == group.Name);
context.Groups.Remove(entry); context.Groups.Remove(entry);
var permissions = await context.Permissions
.Where(perm => perm.UserId == group.Name || perm.PermissionText == group.Name)
.ToListAsync();
if (permissions.Count > 0) {
context.Permissions.RemoveRange(permissions);
}
await context.SaveChangesAsync(); await context.SaveChangesAsync();
} }

10
HopFrame.Web/AdminPermissions.cs
View File

@@ -2,8 +2,14 @@ namespace HopFrame.Web;
public static class AdminPermissions { public static class AdminPermissions {
public const string IsAdmin = "hopframe.admin"; public const string IsAdmin = "hopframe.admin";
public const string ViewUsers = "hopframe.admin.users.view"; public const string ViewUsers = "hopframe.admin.users.view";
public const string EditUsers = "hopframe.admin.users.edit"; public const string EditUser = "hopframe.admin.users.edit";
public const string DeleteUsers = "hopframe.admin.users.delete"; public const string DeleteUser = "hopframe.admin.users.delete";
public const string AddUser = "hopframe.admin.users.add"; public const string AddUser = "hopframe.admin.users.add";
public const string ViewGroups = "hopframe.admin.groups.view";
public const string EditGroup = "hopframe.admin.groups.edit";
public const string DeleteGroup = "hopframe.admin.groups.delete";
public const string AddGroup = "hopframe.admin.groups.add";
} }

7
HopFrame.Web/Model/PermissionGroupAdd.cs Normal file
View File

@@ -0,0 +1,7 @@
using HopFrame.Database.Models;
namespace HopFrame.Web.Model;
public class PermissionGroupAdd : PermissionGroup {
public string GroupName { get; set; }
}

252
HopFrame.Web/Pages/Administration/Components/GroupAddModal.razor Normal file
View File

@@ -0,0 +1,252 @@
@rendermode InteractiveServer
@using BlazorStrap
@using BlazorStrap.Shared.Components.Modal
@using static Microsoft.AspNetCore.Components.Web.RenderMode
@using BlazorStrap.V5
@using CurrieTechnologies.Razor.SweetAlert2
@using HopFrame.Database.Models
@using HopFrame.Security.Services
@using HopFrame.Web.Model
<BSModal DataId="add-group-modal" HideOnValidSubmit="true" IsStaticBackdrop="true" @ref="_modal">
<BSForm Model="_group" OnValidSubmit="AddGroup">
@if (_isEdit) {
<BSModalHeader>Edit group</BSModalHeader>
}
else {
<BSModalHeader>Add group</BSModalHeader>
}
<BSModalContent>
<div class="mb-3">
<BSLabel>Name</BSLabel>
@if (!_isEdit) {
<BSInputGroup>
<span class="@BS.Input_Group_Text">group.</span>
<BSInput InputType="InputType.Text" @bind-Value="_group.GroupName"/>
</BSInputGroup>
}
else {
<input type="text" class="form-control" disabled value="@_group.Name"/>
}
</div>
@if (_isEdit) {
<div class="mb-3">
<BSLabel>Created at</BSLabel>
<input type="text" class="form-control" disabled value="@_group.CreatedAt"/>
</div>
}
<div class="mb-3">
<BSLabel>Description</BSLabel>
<BSInput InputType="InputType.TextArea" @bind-Value="_group.Description"/>
</div>
<div class="mb-3">
<BSInputSwitch @bind-Value="_group.IsDefaultGroup" CheckedValue="true" UnCheckedValue="false">
Default group
</BSInputSwitch>
</div>
<div class="mb-3">
<BSLabel>Inherits from</BSLabel>
<BSListGroup>
<BSListGroupItem>
<BSListGroup IsFlush="true">
@foreach (var group in _group.Permissions.Where(g => g.PermissionName.StartsWith("group."))) {
<BSListGroupItem>
<BSButton Color="BSColor.Danger" Size="Size.ExtraSmall" MarginEnd="Margins.Small" OnClick="() => RemovePermission(group)">
<HopIconDisplay Type="HopIconDisplay.HopIcon.Cross"/>
</BSButton>
<span>@group.PermissionName.Replace("group.", "")</span>
</BSListGroupItem>
}
</BSListGroup>
</BSListGroupItem>
<BSListGroupItem>
<div style="display: flex; gap: 20px">
<BSInput InputType="InputType.Select" @bind-Value="_groupToAdd">
<option selected>Select group</option>
@foreach (var group in _allGroups) {
@if (_group.Permissions.All(g => g.PermissionName != group.Name) && group.Name != _group.Name) {
<option value="@group.Name">@group.Name.Replace("group.", "")</option>
}
}
</BSInput>
<BSButton Color="BSColor.Secondary" OnClick="AddInheritanceGroup">Add</BSButton>
</div>
</BSListGroupItem>
</BSListGroup>
</div>
<div class="mb-3">
<BSLabel>Permissions</BSLabel>
<BSListGroup>
<BSListGroupItem>
<BSListGroup IsFlush="true">
@foreach (var perm in _group.Permissions.Where(perm => !perm.PermissionName.StartsWith("group."))) {
<BSListGroupItem>
<BSButton Color="BSColor.Danger" Size="Size.ExtraSmall" MarginEnd="Margins.Small" OnClick="() => RemovePermission(perm)">
<HopIconDisplay Type="HopIconDisplay.HopIcon.Cross"/>
</BSButton>
<span>@perm.PermissionName</span>
</BSListGroupItem>
}
</BSListGroup>
</BSListGroupItem>
<BSListGroupItem>
<div style="display: flex; gap: 20px">
<BSInput InputType="InputType.Text" @bind-Value="_permissionToAdd"/>
<BSButton Color="BSColor.Secondary" OnClick="AddPermission">Add</BSButton>
</div>
</BSListGroupItem>
</BSListGroup>
</div>
</BSModalContent>
<BSModalFooter>
<BSButton Target="add-group-modal">Cancel</BSButton>
<BSButton IsSubmit="true" Color="BSColor.Primary">Save</BSButton>
</BSModalFooter>
</BSForm>
</BSModal>
@inject IPermissionService Permissions
@inject SweetAlertService Alerts
@code {
[Parameter] public Func<Task> ReloadPage { get; set; }
private PermissionGroupAdd _group;
private BSModalBase _modal;
private string _permissionToAdd;
private string _groupToAdd;
private IList<PermissionGroup> _allGroups;
private bool _isEdit;
public async Task ShowAsync(PermissionGroup group = null) {
_allGroups = await Permissions.GetPermissionGroups();
if (group is not null) {
_group = new PermissionGroupAdd {
CreatedAt = group.CreatedAt,
Description = group.Description,
Name = group.Name,
IsDefaultGroup = group.IsDefaultGroup,
Permissions = group.Permissions
};
_isEdit = true;
}
else {
_group = new PermissionGroupAdd {
Permissions = new List<Permission>(),
IsDefaultGroup = false
};
_isEdit = false;
}
await _modal.ShowAsync();
}
private async Task AddPermission() {
if (string.IsNullOrWhiteSpace(_permissionToAdd)) {
await Alerts.FireAsync(new SweetAlertOptions {
Title = "Enter a permission name!",
Icon = SweetAlertIcon.Error,
ShowConfirmButton = true
});
return;
}
if (_isEdit) {
await Permissions.AddPermission(_group, _permissionToAdd);
}
_group.Permissions.Add(new Permission {
PermissionName = _permissionToAdd
});
_permissionToAdd = null;
}
private async Task RemovePermission(Permission permission) {
if (_isEdit) {
var perm = await Permissions.GetPermission(permission.PermissionName, _group);
await Permissions.RemovePermission(perm);
}
_group.Permissions.Remove(permission);
}
private async Task AddInheritanceGroup() {
if (string.IsNullOrWhiteSpace(_groupToAdd)) {
await Alerts.FireAsync(new SweetAlertOptions {
Title = "Select a group!",
Icon = SweetAlertIcon.Error,
ShowConfirmButton = true
});
return;
}
if (_isEdit) {
await Permissions.AddPermission(_group, _groupToAdd);
}
_group.Permissions.Add(new Permission {
PermissionName = _groupToAdd
});
_groupToAdd = null;
}
private async Task AddGroup() {
if (_isEdit) {
await Permissions.EditPermissionGroup(_group);
if (ReloadPage is not null)
await ReloadPage.Invoke();
await Alerts.FireAsync(new SweetAlertOptions {
Title = "Group edited!",
Icon = SweetAlertIcon.Success,
Timer = 1500,
ShowConfirmButton = false
});
return;
}
if (_allGroups.Any(group => group.Name == _group.Name)) {
await Alerts.FireAsync(new SweetAlertOptions {
Title = "Something went wrong!",
Text = "This group already exists!",
Icon = SweetAlertIcon.Error,
ShowConfirmButton = false,
Timer = 1500
});
return;
}
var dbGroup = await Permissions.CreatePermissionGroup("group." + _group.GroupName, _group.IsDefaultGroup, _group.Description);
foreach (var permission in _group.Permissions) {
await Permissions.AddPermission(dbGroup, permission.PermissionName);
}
if (ReloadPage is not null)
await ReloadPage.Invoke();
await Alerts.FireAsync(new SweetAlertOptions {
Title = "Group added!",
Icon = SweetAlertIcon.Success,
Timer = 1500,
ShowConfirmButton = false
});
}
}

12
HopFrame.Web/Pages/Administration/Components/UserEditModal.razor
View File

@@ -119,7 +119,7 @@
private string _permissionToAdd; private string _permissionToAdd;
public async Task ShowAsync(User user) { public async Task ShowAsync(User user) {
if (!(await Permissions.HasPermission(AdminPermissions.EditUsers, Auth.User.Id))) { if (!(await Permissions.HasPermission(AdminPermissions.EditUser, Auth.User.Id))) {
await NoEditPermissions(); await NoEditPermissions();
return; return;
} }
@@ -131,7 +131,7 @@
} }
private async Task AddGroup() { private async Task AddGroup() {
if (!(await Permissions.HasPermission(AdminPermissions.EditUsers, Auth.User.Id))) { if (!(await Permissions.HasPermission(AdminPermissions.EditUser, Auth.User.Id))) {
await NoEditPermissions(); await NoEditPermissions();
return; return;
} }
@@ -159,7 +159,7 @@
} }
private async Task RemoveGroup(PermissionGroup group) { private async Task RemoveGroup(PermissionGroup group) {
if (!(await Permissions.HasPermission(AdminPermissions.EditUsers, Auth.User.Id))) { if (!(await Permissions.HasPermission(AdminPermissions.EditUser, Auth.User.Id))) {
await NoEditPermissions(); await NoEditPermissions();
return; return;
} }
@@ -187,7 +187,7 @@
} }
private async Task AddPermission() { private async Task AddPermission() {
if (!(await Permissions.HasPermission(AdminPermissions.EditUsers, Auth.User.Id))) { if (!(await Permissions.HasPermission(AdminPermissions.EditUser, Auth.User.Id))) {
await NoEditPermissions(); await NoEditPermissions();
return; return;
} }
@@ -214,7 +214,7 @@
} }
private async Task RemovePermission(Permission perm) { private async Task RemovePermission(Permission perm) {
if (!(await Permissions.HasPermission(AdminPermissions.EditUsers, Auth.User.Id))) { if (!(await Permissions.HasPermission(AdminPermissions.EditUser, Auth.User.Id))) {
await NoEditPermissions(); await NoEditPermissions();
return; return;
} }
@@ -242,7 +242,7 @@
} }
private async void EditUser() { private async void EditUser() {
if (!(await Permissions.HasPermission(AdminPermissions.EditUsers, Auth.User.Id))) { if (!(await Permissions.HasPermission(AdminPermissions.EditUser, Auth.User.Id))) {
await NoEditPermissions(); await NoEditPermissions();
return; return;
} }

133
HopFrame.Web/Pages/Administration/GroupsPage.razor Normal file
View File

@@ -0,0 +1,133 @@
@page "/administration/groups"
@rendermode InteractiveServer
@layout AdminLayout
@using static Microsoft.AspNetCore.Components.Web.RenderMode
@using BlazorStrap
@using Microsoft.AspNetCore.Components.Web
@using HopFrame.Web.Components
@using HopFrame.Web.Pages.Administration.Components
@using BlazorStrap.V5
@using CurrieTechnologies.Razor.SweetAlert2
@using HopFrame.Database.Models
@using HopFrame.Security.Claims
@using HopFrame.Security.Services
@using HopFrame.Web.Pages.Administration.Layout
<PageTitle>Groups</PageTitle>
<AuthorizedView Permission="@AdminPermissions.ViewGroups" RedirectIfUnauthorized="login?redirect=/administration/groups"/>
<GroupAddModal ReloadPage="Reload" @ref="_groupAddModal"/>
<div class="title">
<h3>
Groups administration
<span class="reload" @onclick="Reload">
<HopIconDisplay Type="HopIconDisplay.HopIcon.Reload"/>
</span>
</h3>
<form class="d-flex" role="search" id="search">
<input class="form-control me-2 input-dark" type="search" placeholder="Search" aria-label="Search">
<BSButton Color="BSColor.Success" IsOutlined="true" type="submit">Search</BSButton>
</form>
<BSButton IsSubmit="false" Color="BSColor.Success" Target="add-user" OnClick="() => _groupAddModal.ShowAsync()">Add Group</BSButton>
</div>
<BSTable IsStriped="true" IsHoverable="true" IsDark="true" Color="BSColor.Dark">
<BSTHead>
<BSTR>
<BSTD>Name</BSTD>
<BSTD>Description</BSTD>
<BSTD>Default</BSTD>
<BSTD>Created</BSTD>
@if (_hasEditPrivileges || _hasDeletePrivileges) {
<BSTD>Actions</BSTD>
}
</BSTR>
</BSTHead>
<BSTBody>
@foreach (var group in _groups) {
<BSTR>
<BSTD Class="bold">@group.Name.Replace("group.", "")</BSTD>
<BSTD>@group.Description</BSTD>
<BSTD>
@if (group.IsDefaultGroup) {
<span>Yes</span>
}
else {
<span>No</span>
}
</BSTD>
<BSTD>@group.CreatedAt</BSTD>
@if (_hasEditPrivileges || _hasDeletePrivileges) {
<BSTD>
<BSButtonGroup>
@if (_hasEditPrivileges) {
<BSButton Color="BSColor.Warning" OnClick="() => _groupAddModal.ShowAsync(group)">Edit</BSButton>
}
@if (_hasDeletePrivileges) {
<BSButton Color="BSColor.Danger" OnClick="() => Delete(group)">Delete</BSButton>
}
</BSButtonGroup>
</BSTD>
}
</BSTR>
}
</BSTBody>
</BSTable>
@inject IPermissionService Permissions
@inject ITokenContext Auth
@inject SweetAlertService Alerts
@code {
private IList<PermissionGroup> _groups = new List<PermissionGroup>();
private bool _hasEditPrivileges = false;
private bool _hasDeletePrivileges = false;
private GroupAddModal _groupAddModal;
protected override async Task OnInitializedAsync() {
_groups = await Permissions.GetPermissionGroups();
_hasEditPrivileges = await Permissions.HasPermission(AdminPermissions.EditGroup, Auth.User.Id);
_hasDeletePrivileges = await Permissions.HasPermission(AdminPermissions.DeleteGroup, Auth.User.Id);
}
private async Task Reload() {
_groups = new List<PermissionGroup>();
_groups = await Permissions.GetPermissionGroups();
StateHasChanged();
}
private async Task Delete(PermissionGroup group) {
var result = await Alerts.FireAsync(new SweetAlertOptions {
Title = "Are you sure?",
Text = "You won't be able to revert this!",
Icon = SweetAlertIcon.Warning,
ConfirmButtonText = "Yes",
ShowCancelButton = true,
ShowConfirmButton = true
});
if (result.IsConfirmed) {
await Permissions.DeletePermissionGroup(group);
await Reload();
await Alerts.FireAsync(new SweetAlertOptions {
Title = "Deleted!",
Icon = SweetAlertIcon.Success,
Timer = 1500,
ShowConfirmButton = false
});
}
}
}

26
HopFrame.Web/Pages/Administration/GroupsPage.razor.css Normal file
View File

@@ -0,0 +1,26 @@
.title {
display: flex;
flex-direction: row;
gap: 10px;
margin-bottom: 10px;
}
#search {
margin-left: auto;
}
th, h3 {
user-select: none;
}
h3 {
color: white;
}
.reload, .sorter {
cursor: pointer;
}
.bold {
font-weight: bold;
}

8
HopFrame.Web/Pages/Administration/Layout/AdminMenu.razor
View File

@@ -21,7 +21,7 @@
<Content> <Content>
<BSNav MarginEnd="Margins.Auto" MarginBottom="Margins.Small" Class="mb-lg-0"> <BSNav MarginEnd="Margins.Auto" MarginBottom="Margins.Small" Class="mb-lg-0">
@foreach (var nav in Subpages) { @foreach (var nav in Subpages) {
<BSNavItem IsActive="IsNavItemActive(nav.Key)" Url="@nav.Key">@nav.Value</BSNavItem> <BSNavItem IsActive="IsNavItemActive(nav.Key)" OnClick="() => Navigate(nav.Key)">@nav.Value</BSNavItem>
} }
</BSNav> </BSNav>
@@ -52,7 +52,11 @@
return Navigator.Uri.Contains(element); return Navigator.Uri.Contains(element);
} }
private async void Logout() { private void Navigate(string url) {
Navigator.NavigateTo(url, true);
}
private void Logout() {
Navigator.NavigateTo("login?redirect=/administration", true); Navigator.NavigateTo("login?redirect=/administration", true);
} }
} }

4
HopFrame.Web/Pages/Administration/UsersPage.razor
View File

@@ -121,8 +121,8 @@
_userGroups.Add(user.Id, groups.FirstOrDefault()); _userGroups.Add(user.Id, groups.FirstOrDefault());
} }
_hasEditPrivileges = await PermissionsService.HasPermission(AdminPermissions.EditUsers, Auth.User.Id); _hasEditPrivileges = await PermissionsService.HasPermission(AdminPermissions.EditUser, Auth.User.Id);
_hasDeletePrivileges = await PermissionsService.HasPermission(AdminPermissions.DeleteUsers, Auth.User.Id); _hasDeletePrivileges = await PermissionsService.HasPermission(AdminPermissions.DeleteUser, Auth.User.Id);
} }
private async Task Reload() { private async Task Reload() {